General Data Protection Regulations Privacy Policy

The General Data Protection Regulation (GDPR) came into effect on 25th May 2018, we are taking the necessary steps to be fully compliant.

Heathfield (Horsham) Ltd requires to gather and store certain information about individuals including customers, suppliers, employees and other people the organisation has a relationship with or whom we may need to contact.

The new GDPR gives individuals more control over how information is used and makes it easier for them to check and update personal information held.

The information held can be used to identify you or your organisation, including, but not limited to, names, postal addresses, email address and telephone numbers. Any records stored on devices are password protected and encrypted. Devices have anti-virus and firewall in place and information will be retained for a period up to 6 years.

Data collected will only be used for the purposes necessary for us to fulfil our business obligations to you. Your data will only be shared if in the interests of yourself or the business, or if legally obliged to do so. Any data stored will be processed lawfully, fairly and in a transparent manner. It will only be collected for specified and legitimate purposes and not further processed in any way. All reasonable steps will be taken to ensure data is kept up to date and is accurate.

CCTV installation is used for movement recordings only and any information recorded is retained for a maximum of 7 days. By using and browsing our website (www.heathfield.care) you consent to cookies, which are small data files placed on your browser and allows us to recognise each time you visit the site. Cookies themselves do not contain any personal information and we do not collect information in this way.

You have a legal right to access the data we hold about you including, ensuring this information is correct, updating information or requests for restricting information in certain circumstances, for example objection to marketing. Any requests must be in writing. We have a Data Protection Policy in place and this is available on request. Any data protection issues should be forwarded to the Data Controller kirsty@heathfield.care.